<?php

// +---------------------------------------------+
// |     Copyright  2010 - 2018 InterPhoto       |
// |     http://www.weentech.com                 |
// |     This file may not be redistributed.     |
// +---------------------------------------------+


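// Marker constant set before the core include; presumably the included files
// test it to recognise this entry point — TODO confirm in Admin.Core.php.
define('IN_GETPASS', true);

include('includes/Admin.Core.php');

// Both variables are concatenated raw into the page markup further down, yet
// the original assigned each one in only a single branch. Define them first so
// the template never reads an unset variable, and so nothing that populates
// globals from the request (e.g. register_globals on a legacy runtime) can
// supply their content.
$inputfocus = '';
$disabled   = '';

if ($needDeleteInstall)
{
  // While ./install/ still exists the form is shown disabled with a notice.
  $logininfo = '提示: 请在删除系统安装目录(./install/)后继续!';
  $disabled  = ' disabled="disabled" style="cursor:default;"';
}
else
{
  // Normal case: focus the e-mail field on load, no message.
  $inputfocus = 'onLoad="document.forms.wcloginform.useremail.focus()"';
  $logininfo  = '';
}

// BASEURL followed by this script's directory path with the parent directory
// prefix stripped and the leading separator dropped.
// NOTE(review): this value becomes the host part of the password-reset link
// mailed below. If BASEURL is derived from the request's Host header rather
// than from configuration, the link target is caller-influenced — confirm.
$this_full_url = BASEURL . substr(str_replace(dirname(dirname(__FILE__)), '', dirname(__FILE__)), 1);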


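// Step 1 of admin password recovery: the form was posted with an e-mail
// address. If it belongs to an activated account in a managing user group, a
// reset link is mailed and the matching verify code is stored on the account.
//
// NOTE(review): the distinct "user does not exist" reply lets an
// unauthenticated caller test which addresses are admin accounts, and nothing
// visible here limits how often a reset mail can be requested or how long a
// stored verify code stays valid.
if (IsPost('Submit'))
{
	$email = ForceIncomingString('useremail');

	if (empty($email))
		$logininfo  = '';
	// $email is interpolated into single-quoted SQL literals below. Whether
	// ForceIncomingString()/IsEmail() make that safe cannot be seen from this
	// file, so refuse any value that could terminate or escape the literal.
	// NOTE(review): prefer parameter binding if the $DB layer offers it.
	elseif (!IsEmail($email) || strpbrk($email, "'\"\\") !== false)
		$logininfo  = 'Email地址格式不规范!';
	else
	{
		$user = $DB->query_first("SELECT u.username, u.password FROM " . TABLE_PREFIX . "users u LEFT JOIN  " . TABLE_PREFIX . "usergroups ug ON (u.groupid = ug.groupid) WHERE u.email = '$email'  AND u.activated = 1 AND ug.manage = 1");

		// empty() rather than isset(): a "no row" result of false or an empty
		// array would pass isset() and be treated as a real account.
		if (empty($user)){
			$logininfo = '用户不存在或非管理用户组!';
		}else{
			// NOTE(review): the link's strength rests on PassGen() and COOKIE_KEY;
			// confirm PassGen() draws from a cryptographically secure source.
			$verifycode = PassGen(8);

			require_once (BASEPATH. 'library/phpmailer/class.phpmailer.php');

			$mail = new PHPMailer();

			if($mainsettings['siteUseSmtp'] == '1')
				$mail->IsSMTP();
			else
				$mail->IsMail();

			$mail->Host =  $mainsettings['siteSmtpHost'];
			$mail->Port = $mainsettings['siteSmtpPort'];

			$mail->SMTPAuth = true;
			$mail->Username = $mainsettings['siteSmtpUser'];
			$mail->Password = $mainsettings['siteSmtpPassword'];

			$mail->From      =  $mainsettings['siteEmail'];
			$mail->FromName      =  $mainsettings['siteCopyright'];
			$mail->AddReplyTo ($mainsettings['siteEmail'], $mainsettings['siteCopyright']);
			$mail->Sender      =  $mainsettings['siteSmtpEmail'];

			// Build the link once. The key is URL-encoded because base64 output
			// may contain '+', '/' and '=', and an unencoded '+' is read back as
			// a space when the query string is parsed.
			$sid      = md5($user['username'] . COOKIE_KEY . $user['password'] . $verifycode);
			$reseturl = $this_full_url . "/admin.getpass.php?key=" . urlencode(base64_encode($email)) . "&sid=" . $sid;

			$mail->Subject  = '管理员找回密码';
			$message        = "\r\n请点击以下链接重新设置密码:\r\n\r\n";
			$message       .= "<a href=\"" . $reseturl . "\" target=\"_blank\">" . $reseturl . "</a>\r\n";
			$mail->Body     = nl2br($message);
			$mail->AddAddress($email);

			if($mail->Send()){
				// The verify code is stored only after the mail went out, so a
				// failed send leaves any earlier pending code untouched.
				$DB->query("UPDATE " . TABLE_PREFIX . "users SET verifycode = '$verifycode' WHERE email = '$email'");
				$logininfo = '<font color="#339900"><b>确认重设密码的邮件已发送到您的信箱, 请查收!</b></font>';
			}else{
				// $logininfo is echoed raw into the page, so escape the mailer text.
				// NOTE(review): this still shows mail-transport details to an
				// unauthenticated visitor; consider logging them instead.
				$logininfo = htmlspecialchars($mail->ErrorInfo, ENT_QUOTES, 'UTF-8');
			}

		}
	}
}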

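// Step 2 of admin password recovery: the mailed link was opened. `key` is the
// base64-encoded e-mail address and `sid` the MD5 token. On a match a new
// password is generated, stored, and mailed to the account.
//
// NOTE(review): this changes state on a plain GET, so anything that fetches
// the URL automatically (mail link scanners, prefetchers) completes the reset.
// NOTE(review): the password is stored as unsalted MD5 and sent in clear text;
// moving to password_hash() also requires changing the login check, which is
// outside this file.
if (IsGet('sid') AND IsGet('key'))
{
	// Strict decoding returns false on input outside the base64 alphabet.
	$email = base64_decode(ForceIncomingString('key'), true);
	$sid = ForceIncomingString('sid');
	$user = null;

	// The decoded address is produced after any filtering ForceIncomingString()
	// performs and goes into a single-quoted SQL literal, so in addition to
	// IsEmail() refuse characters that could terminate or escape that literal.
	// NOTE(review): prefer parameter binding if the $DB layer offers it.
	if ($email !== false AND IsEmail($email) AND strpbrk($email, "'\"\\") === false AND isName($sid))
	{
		$user = $DB->query_first("SELECT u.userid, u.username, u.password, u.verifycode FROM " . TABLE_PREFIX . "users u LEFT JOIN  " . TABLE_PREFIX . "usergroups ug ON (u.groupid = ug.groupid) WHERE u.email = '$email'  AND u.activated = 1 AND ug.manage = 1");
	}

	$tokenok = false;

	// Require a pending (non-empty) verify code: it is cleared after a reset,
	// and an account that never requested one must not accept any token.
	if (!empty($user) AND (string)$user['verifycode'] !== '')
	{
		$expected = md5($user['username'] .COOKIE_KEY.$user['password'].$user['verifycode']);

		// `==` compares two numeric-looking strings as numbers, so distinct
		// "0e<digits>" hashes would be treated as equal. Compare as strings,
		// in constant time where the runtime provides hash_equals().
		$tokenok = function_exists('hash_equals')
			? hash_equals($expected, (string)$sid)
			: ($expected === (string)$sid);
	}

	if (!$tokenok)
	{
		// One message for every failure, so the reply does not reveal which
		// check rejected the request.
		$logininfo = '重设密码时发生错误: 验证码不正确!';
	}
	else
	{
		$pwd = PassGen(8);

		$result = $DB->query("UPDATE " . TABLE_PREFIX . "users SET password    = '".md5($pwd)."' WHERE userid = '$user[userid]' ");

		// NOTE(review): isset() only catches a null return; if $DB->query()
		// reports failure as false this branch never fires — confirm.
		if (!isset($result)){
			$logininfo = '重设密码时发生错误, 请重试!';
		}else{

			// Clear the verify code so the mailed link cannot be replayed.
			$DB->query("UPDATE " . TABLE_PREFIX . "users SET verifycode = '' WHERE userid = '$user[userid]' ");

			require_once (BASEPATH. 'library/phpmailer/class.phpmailer.php');

			$mail = new PHPMailer();

			if($mainsettings['siteUseSmtp'] == '1')
				$mail->IsSMTP();
			else
				$mail->IsMail();

			$mail->Host =  $mainsettings['siteSmtpHost'];
			$mail->Port = $mainsettings['siteSmtpPort'];

			$mail->SMTPAuth = true;
			$mail->Username = $mainsettings['siteSmtpUser'];
			$mail->Password = $mainsettings['siteSmtpPassword'];

			$mail->From      =  $mainsettings['siteEmail'];
			$mail->FromName      =  $mainsettings['siteCopyright'];
			$mail->AddReplyTo ($mainsettings['siteEmail'], $mainsettings['siteCopyright']);
			$mail->Sender      =  $mainsettings['siteSmtpEmail'];

			$mail->Subject  = '管理员新密码';
			$message        = "\r\n用户名: " .$user['username']. "\r\n\r\n";
			$message       .= "密码: " .$pwd. "\r\n";
			$mail->Body     = nl2br($message);
			$mail->AddAddress($email);

			if($mail->Send()){
				$logininfo = '<font color="#339900"><b>新密码已发送到您的邮箱, 请查收!</b></font>';
			}else{
				// Mail failed: the credentials are shown in the page instead.
				// $logininfo is echoed raw, so both values are HTML-escaped.
				$logininfo = '<font color="#339900"><b>您的用户名是: '.htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8'). '&nbsp;&nbsp;密码是: '.htmlspecialchars($pwd, ENT_QUOTES, 'UTF-8') . '</b></font>';
			}

		}
	}

}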

// Render the recovery form. $inputfocus, $logininfo and $disabled are
// concatenated into the markup without escaping, so every value assigned to
// them earlier in the script must already be safe HTML.
// NOTE(review): the inline script is the only framing defence visible in this
// file. Script-based frame busting can be defeated (for example by a sandboxed
// iframe), so an X-Frame-Options or CSP frame-ancestors response header is the
// sturdier control — confirm whether includes/Admin.Core.php sends one.
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html>
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<title>InterPhoto图片网站管理系统 - 找回密码</title>
	<link rel="stylesheet" type="text/css" href=\'./templates/login.css\' />
	<SCRIPT LANGUAGE="JAVASCRIPT" TYPE="TEXT/JAVASCRIPT">
	<!--
	if(top.location != self.location)
	{
	  top.location.replace(self.location)
	}
	-->
	</SCRIPT>

	</head>

	<body id="page-login" '. $inputfocus .' >
	<div class="login-container">
	<div class="login-box">
		<form action="admin.getpass.php" method="post" name="wcloginform">
			<fieldset class="login-form">
				<h2>InterPhoto图片网站管理系统 - 找回密码</h2>
				<div id="messages">' . $logininfo . '</div>
				<div class="input-box input-left"><label for="username">管理员Email:</label><br/>
					<input type="text" id="username" name="useremail" value="" class="required-entry input-text" '.$disabled .'/></div>
				<div class="input-box input-right"><label for="login">密码:</label><br/>
					<input type="password" id="login" name="loginpassword" class="required-entry input-text"  value="i forgot" disabled="disabled" style="cursor:default;" /></div>
				<div class="clear"></div>
				<div class="form-buttons" style="margin-right:8px;"><input type="submit" name="Submit" class="form-button" value="找回密码" '.$disabled .'/></div>
				 <div style="margin-left:8px;"><a href="./" target="_parent" class="normal">返回登录?</a>&nbsp;</div>
		   </fieldset>
			<p class="legal" align="right"><a href="http://www.weentech.com" target="_blank" class="normal">闻泰网络</a> <font color=#FF9900>&copy;</font><font class="copyright">'.date("Y").'</font>&nbsp;</p>
		</form>
		<div class="bottom"></div>
	</div>
	</div>
</body>
</html>';

// Close the database handle. $DB is not created in this file; presumably it is
// set up by includes/Admin.Core.php — TODO confirm.
$DB->close();

?>